Initial process creation debug event not received

Question

Initial process creation debug event not received

jakemarston opened this issue 2 years ago · comments

I get the following error when running elevator.exe --new-console C:\windows\System32\cmd.exe

[+] Unelevatad notepad.exe process created.
[+] Reference to debug object retrieved.
[+] Debug object successfully detached.
[+] Elevated taskmgr.exe process created.
[+] Initial process creation debug event obtained.
[+] Full access handle obtained.
[x] The new process could not be spawned.

Kurosh Dabbagh Escalante · Answer 1 · Tue Aug 30 2022 14:46:27 GMT+0800 (China Standard Time)

Hi @jakemarston,

The parameters are not position independient. Try running elevator.exe C:\windows\System32\cmd.exe --new-console instead.

The first parameter should always be the command line that you want to execute.

Jake Marston · Answer 2 · Tue Aug 30 2022 23:27:24 GMT+0800 (China Standard Time)

Thanks this worked